Support what "sign-in with Apple" is doing for client auth

[sandhose]

SIWA is doing a non-standard auth mechanism, as described here: https://developer.apple.com/documentation/accountorganizationaldatasharing/generate-and-validate-tokens

[matrixbot]

For your information, this issue has been copied over to the Element fork of matrix-authentication-service: https://github.com/element-hq/matrix-authentication-service/issues/2119